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Amendments to the Claims : 

Following is a complete listing of the claims pending in the application, as 
amended: 

1. (Currentjy^fnended) A method for creating virtual private connections 
between end points in a shared storage area network (SAN), the steps comprising: 

a) -providing a virtual connection architecture and a host initiator operatively 

connected thereto, said -the virtual connection architecture having a virtual 
connection manager and a virtual connection cache, the host initiator 
generating and transmitting I/O commands to said -the virtual connection 
manager of the virtual connection architecture; 

b) — comparing by the virtual connection manager source and destination 

information from sa i d the I/O commands to a predetermined list of 
allowable connections; and 
g)— when sa i d the source and destination information matches sa i d the 
predetermined list of allowable connections, 

determining from the virtual connection cache whether a previously 
established virtual connection exists between the source and 
destination: 

when the previously established virtual connection does not exist, creating 
a data connection between said the host initiator and a storage 
device, or a logical portion thereof, operatively connected to said 
the virtual connection architecture, thereby establishing a virtual 
private SAN : and 

when the virtual connection exists, using a virtual private SAN indicated by 
the previously established virtual connection . 

2. (Currently^afnended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 1, wherein multiple virtual 
private SANs function independently and substantially simultaneously within said-the 
shared SAN. 
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3. (Original) The method for creating virtual private connections between 
end points in a shared SAN as recited in claim 2, wherein multiple host initiators share a 
common physical data channel. 




4. (Currently-Amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 23, wherein said- the multiple 
host initiators are provided a protected end-to-end data path. 

5. (CurrentJ^^ The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 2, wherein said -the multiple, 
virtual private SANs support at least one SAN product i v i ty c onnectivity product from the 
group: hubs, switches, gateways and routers. 




6. (Currently amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 2, wherein said- the comparing 
st e p (b) comprises determining a level of access permission for said host initiator. 




7. (Currentl^arnended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 6 , th e st e ps further comprising^ 

d) _storing information representative of at least one of said -the allowable 

connections. 




8. (Curreptty amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 7, wherein said -the storing step 
(d)-comprises storing said-the information in a virtual connection cache. 




9. (Curreptfy amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 8 , th o st o ps further comprising^ 
e) _using said -the information stored in the virtual connection i nformat i on 

cache to validate subsequent requests for access from said the host 

initiator. 
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10. (Curren^amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 8, wherein said -the virtual 
connection architecture comprises a virtual connection manager. 



11. t (Currentl^^ended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 2, wherein said -the multiple 
virtual private SANs are operable within aan existing SAN without need for additional 
software, middleware, drivers, or modifications to an existing operating system. 




12. (Currently^amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 2, wherein said- the virtual 
private connections are fully secured independently of the security of each individual 
host. 




13. (Currentjy^amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 2, wherein said -the multiple 
virtual private SANs operate independently of attached storage devices. 

14. (Currenjl/a^ The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 13, wherein said-the attached 
storage devices comprise any mixture of legacy or new technology storage devices. 




15. (Currentl^amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 2, wherein said -the multiple 
virtual private SANs operates independently of connection interfaces and provide 
support for at least one from the group of interfaces: Fibre Channel, SCSI, other SAN 
interfaces. 

16. (Current amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 2, wherein said-the at loa st on o 
init i ator host initiator comprises a host initiator interface for providing a connection to 
said -the virtual connection architecture. 
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17. (Currentl^afriended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 6 , th e st e ps further comprising^ 

d) _providing a registration engine for receiving a registration command from 

said -the host initiator. 

18. (Currently ^friended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 17, wherein said -the registration 
command comprises at least one of the commands from the group: full registration, 
periodic registration, and de-registration commands. 



19. (Currently^mended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 18, wherein said-the registration 
e ng i n e s engine comprises a host registration service operating on said-the host initiator. 




20. (CurrenJJy^amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 18, wherein said -the registration 
commands compr i s e command comprises host and initiator specific information for 
facilitating automatic identification and configuration of said -the host and interface. 




21. (Currently^amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 17 , tho st o ps further 
comprising^ 

e) .periodically monitoring tbe-a_health status of said-the host initiator. 



22. (Curreptty amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 21 T further comprising the 



issuance of a periodic registration command. 




23. (Currentjy^amended) The method for creating virtual private connections 
between end points in a shared SAN as recited in claim 8 , tho st o ps further comprising^ 
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e) .automatically capturing an existing SAN configuration and using sa i d the 

captured configuration information to automatically establish persistent 
access controls. 



24. (New) An apparatus for creating virtual private connections between end 



points in a shared storage area network comprising: 

means for establishing a virtual connection between a source and a destination, 

wherein the means for establishing the virtual connection includes a virtual 

connection manager and a virtual connection cache; 
means for receiving I/O commands containing source and destination 

information; 

means for comparing the source and destination information in the I/O 
commands to a predetermined list of allowable data connections; 

means for creating a virtual private storage area network connection between the 
source and destination when the data connection is allowable but does not 
exist; and 

means for using the virtual private storage area network. 

25. (New) The apparatus of claim 24 wherein when a virtual private storage 
area network connection is created, storing an indication of the connection in the virtual 
connection cache. 

26. (New) The apparatus of claim 24 wherein the means for creating a virtual 
private storage area network connection includes means for determining whether the 
data connection exists by reading an indication from the virtual connection cache. 
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